Merge pull request #1336 from brendandburns/privilege

Refactor to clean up names.
2025-07-27 05:27:21 +00:00 · 2014-09-16 15:30:13 -07:00 · 2014-09-16 15:30:13 -07:00 · cacf888e49
commit cacf888e49
parent 506f51b186 dc5a4a8c3f
6 changed files with 10 additions and 10 deletions
--- a/cmd/apiserver/apiserver.go
+++ b/cmd/apiserver/apiserver.go
@ -114,7 +114,7 @@ func main() {
 		glog.Fatalf("-etcd_servers flag is required.")
 	}
-	capabilities.InitializeCapabilities(capabilities.Capabilities{
+	capabilities.Initialize(capabilities.Capabilities{
 		AllowPrivileged: *allowPrivileged,
 	})
--- a/cmd/kubelet/kubelet.go
+++ b/cmd/kubelet/kubelet.go
@ -105,7 +105,7 @@ func main() {
 	etcd.SetLogger(util.NewLogger("etcd "))
-	capabilities.InitializeCapabilities(capabilities.Capabilities{
+	capabilities.Initialize(capabilities.Capabilities{
 		AllowPrivileged: *allowPrivileged,
 	})
--- a/pkg/api/validation/validation.go
+++ b/pkg/api/validation/validation.go
@ -227,7 +227,7 @@ func validateContainers(containers []api.Container, volumes util.StringSet) errs
 	for i := range containers {
 		cErrs := errs.ErrorList{}
 		ctr := &containers[i] // so we can set default values
-		capabilities := capabilities.GetCapabilities()
+		capabilities := capabilities.Get()
 		if len(ctr.Name) == 0 {
 			cErrs = append(cErrs, errs.NewFieldRequired("name", ctr.Name))
 		} else if !util.IsDNSLabel(ctr.Name) {
--- a/pkg/api/validation/validation_test.go
+++ b/pkg/api/validation/validation_test.go
@ -180,7 +180,7 @@ func TestValidateVolumeMounts(t *testing.T) {
 func TestValidateContainers(t *testing.T) {
 	volumes := util.StringSet{}
-	capabilities.SetCapabilitiesForTests(capabilities.Capabilities{
+	capabilities.SetForTests(capabilities.Capabilities{
 		AllowPrivileged: true,
 	})
@ -203,7 +203,7 @@ func TestValidateContainers(t *testing.T) {
 		t.Errorf("expected success: %v", errs)
 	}
-	capabilities.SetCapabilitiesForTests(capabilities.Capabilities{
+	capabilities.SetForTests(capabilities.Capabilities{
 		AllowPrivileged: false,
 	})
 	errorCases := map[string][]api.Container{
--- a/pkg/capabilities/capabilities.go
+++ b/pkg/capabilities/capabilities.go
@ -30,7 +30,7 @@ var once sync.Once
 var capabilities *Capabilities
 // Initialize the capability set.  This can only be done once per binary, subsequent calls are ignored.
-func InitializeCapabilities(c Capabilities) {
+func Initialize(c Capabilities) {
 	// Only do this once
 	once.Do(func() {
 		capabilities = &c
@ -38,14 +38,14 @@ func InitializeCapabilities(c Capabilities) {
 }
 // SetCapabilitiesForTests.  Convenience method for testing.  This should only be called from tests.
-func SetCapabilitiesForTests(c Capabilities) {
+func SetForTests(c Capabilities) {
 	capabilities = &c
 }
 // Returns a read-only copy of the system capabilities.
-func GetCapabilities() Capabilities {
+func Get() Capabilities {
 	if capabilities == nil {
-		InitializeCapabilities(Capabilities{
+		Initialize(Capabilities{
 			AllowPrivileged: false,
 		})
 	}
--- a/pkg/kubelet/kubelet.go
+++ b/pkg/kubelet/kubelet.go
@ -337,7 +337,7 @@ func (kl *Kubelet) runContainer(pod *Pod, container *api.Container, podVolumes v
 		return "", err
 	}
 	privileged := false
-	if capabilities.GetCapabilities().AllowPrivileged {
+	if capabilities.Get().AllowPrivileged {
 		privileged = container.Privileged
 	} else if container.Privileged {
 		return "", fmt.Errorf("Container requested privileged mode, but it is disallowed globally.")